From 99cf08ac38bdee25d07f27a3d9bb5d74199d106c Mon Sep 17 00:00:00 2001 From: Amit Yadav Date: Wed, 18 Jan 2017 18:38:31 +0530 Subject: Message Editing and Deleting permissions (#4692) --- .../components/admin_console/policy_settings.jsx | 49 +++++++++++ .../components/admin_console/post_edit_setting.jsx | 99 ++++++++++++++++++++++ webapp/components/admin_console/radio_setting.jsx | 63 ++++++++++++++ webapp/components/edit_post_modal.jsx | 11 +++ .../components/post_view/components/post_info.jsx | 24 ++++-- webapp/components/rhs_comment.jsx | 21 +++-- webapp/components/rhs_root_post.jsx | 21 +++-- webapp/i18n/en.json | 10 +++ webapp/stores/user_store.jsx | 2 +- webapp/utils/constants.jsx | 7 ++ webapp/utils/post_utils.jsx | 41 +++++++++ 11 files changed, 325 insertions(+), 23 deletions(-) create mode 100644 webapp/components/admin_console/post_edit_setting.jsx create mode 100644 webapp/components/admin_console/radio_setting.jsx (limited to 'webapp') diff --git a/webapp/components/admin_console/policy_settings.jsx b/webapp/components/admin_console/policy_settings.jsx index 0e224af73..391726a93 100644 --- a/webapp/components/admin_console/policy_settings.jsx +++ b/webapp/components/admin_console/policy_settings.jsx @@ -6,6 +6,8 @@ import React from 'react'; import AdminSettings from './admin_settings.jsx'; import SettingsGroup from './settings_group.jsx'; import DropdownSetting from './dropdown_setting.jsx'; +import RadioSetting from './radio_setting.jsx'; +import PostEditSetting from './post_edit_setting.jsx'; import Constants from 'utils/constants.jsx'; import * as Utils from 'utils/utils.jsx'; @@ -22,6 +24,9 @@ export default class PolicySettings extends AdminSettings { } getConfigFromState(config) { + config.ServiceSettings.RestrictPostDelete = this.state.restrictPostDelete; + config.ServiceSettings.AllowEditPost = this.state.allowEditPost; + config.ServiceSettings.PostEditTimeLimit = this.parseIntNonZero(this.state.postEditTimeLimit, Constants.DEFAULT_POST_EDIT_TIME_LIMIT); config.TeamSettings.RestrictTeamInvite = this.state.restrictTeamInvite; config.TeamSettings.RestrictPublicChannelCreation = this.state.restrictPublicChannelCreation; config.TeamSettings.RestrictPrivateChannelCreation = this.state.restrictPrivateChannelCreation; @@ -35,6 +40,9 @@ export default class PolicySettings extends AdminSettings { getStateFromConfig(config) { return { + restrictPostDelete: config.ServiceSettings.RestrictPostDelete, + allowEditPost: config.ServiceSettings.AllowEditPost, + postEditTimeLimit: config.ServiceSettings.PostEditTimeLimit, restrictTeamInvite: config.TeamSettings.RestrictTeamInvite, restrictPublicChannelCreation: config.TeamSettings.RestrictPublicChannelCreation, restrictPrivateChannelCreation: config.TeamSettings.RestrictPrivateChannelCreation, @@ -241,6 +249,47 @@ export default class PolicySettings extends AdminSettings { /> } /> + + } + value={this.state.restrictPostDelete} + onChange={this.handleChange} + helpText={ + + } + /> + + } + value={this.state.allowEditPost} + timeLimitValue={this.state.postEditTimeLimit} + onChange={this.handleChange} + helpText={ + + } + /> ); } diff --git a/webapp/components/admin_console/post_edit_setting.jsx b/webapp/components/admin_console/post_edit_setting.jsx new file mode 100644 index 000000000..282a1b6c5 --- /dev/null +++ b/webapp/components/admin_console/post_edit_setting.jsx @@ -0,0 +1,99 @@ +// Copyright (c) 2016 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +import React from 'react'; + +import Setting from './setting.jsx'; + +import Constants from 'utils/constants.jsx'; +import * as Utils from 'utils/utils.jsx'; + +export default class PostEditSetting extends React.Component { + constructor(props) { + super(props); + + this.handleChange = this.handleChange.bind(this); + this.handleTimeLimitChange = this.handleTimeLimitChange.bind(this); + } + + handleChange(e) { + this.props.onChange(this.props.id, e.target.value); + } + + handleTimeLimitChange(e) { + this.props.onChange(this.props.timeLimitId, e.target.value); + } + + render() { + return ( + +
+ +
+
+ +
+
+ +
+ + ); + } +} + +PostEditSetting.defaultProps = { + isDisabled: false +}; + +PostEditSetting.propTypes = { + id: React.PropTypes.string.isRequired, + timeLimitId: React.PropTypes.string.isRequired, + label: React.PropTypes.node.isRequired, + value: React.PropTypes.string.isRequired, + timeLimitValue: React.PropTypes.number.isRequired, + onChange: React.PropTypes.func.isRequired, + disabled: React.PropTypes.bool, + helpText: React.PropTypes.node +}; diff --git a/webapp/components/admin_console/radio_setting.jsx b/webapp/components/admin_console/radio_setting.jsx new file mode 100644 index 000000000..dd45a5a26 --- /dev/null +++ b/webapp/components/admin_console/radio_setting.jsx @@ -0,0 +1,63 @@ +// Copyright (c) 2016 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +import React from 'react'; + +import Setting from './setting.jsx'; + +export default class RadioSetting extends React.Component { + constructor(props) { + super(props); + + this.handleChange = this.handleChange.bind(this); + } + + handleChange(e) { + this.props.onChange(this.props.id, e.target.value); + } + + render() { + const options = []; + for (const {value, text} of this.props.values) { + options.push( +
+ +
+ ); + } + + return ( + + {options} + + ); + } +} + +RadioSetting.defaultProps = { + isDisabled: false +}; + +RadioSetting.propTypes = { + id: React.PropTypes.string.isRequired, + values: React.PropTypes.array.isRequired, + label: React.PropTypes.node.isRequired, + value: React.PropTypes.string.isRequired, + onChange: React.PropTypes.func.isRequired, + disabled: React.PropTypes.bool, + helpText: React.PropTypes.node +}; diff --git a/webapp/components/edit_post_modal.jsx b/webapp/components/edit_post_modal.jsx index 55bf5fe60..7c1747ef7 100644 --- a/webapp/components/edit_post_modal.jsx +++ b/webapp/components/edit_post_modal.jsx @@ -118,6 +118,17 @@ export default class EditPostModal extends React.Component { } handleEditPostEvent(options) { + var post = PostStore.getPost(options.channelId, options.postId); + if (global.window.mm_license.IsLicensed === 'true') { + if (global.window.mm_config.AllowEditPost === Constants.ALLOW_EDIT_POST_NEVER) { + return; + } + if (global.window.mm_config.AllowEditPost === Constants.ALLOW_EDIT_POST_TIME_LIMIT) { + if ((post.create_at + (global.window.mm_config.PostEditTimeLimit * 1000)) < Utils.getTimestamp()) { + return; + } + } + } this.setState({ editText: options.message || '', originalText: options.message || '', diff --git a/webapp/components/post_view/components/post_info.jsx b/webapp/components/post_view/components/post_info.jsx index aa204add1..c4de46e8f 100644 --- a/webapp/components/post_view/components/post_info.jsx +++ b/webapp/components/post_view/components/post_info.jsx @@ -8,12 +8,10 @@ import PostTime from './post_time.jsx'; import * as GlobalActions from 'actions/global_actions.jsx'; import * as PostActions from 'actions/post_actions.jsx'; -import TeamStore from 'stores/team_store.jsx'; -import UserStore from 'stores/user_store.jsx'; - import * as Utils from 'utils/utils.jsx'; import * as PostUtils from 'utils/post_utils.jsx'; import Constants from 'utils/constants.jsx'; +import DelayedAction from 'utils/delayed_action.jsx'; import {Tooltip, OverlayTrigger} from 'react-bootstrap'; import React from 'react'; @@ -28,6 +26,10 @@ export default class PostInfo extends React.Component { this.removePost = this.removePost.bind(this); this.flagPost = this.flagPost.bind(this); this.unflagPost = this.unflagPost.bind(this); + + this.canEdit = false; + this.canDelete = false; + this.editDisableAction = new DelayedAction(this.handleEditDisable); } handleDropdownClick(e) { @@ -38,6 +40,10 @@ export default class PostInfo extends React.Component { } } + handleEditDisable() { + this.canEdit = false; + } + componentDidMount() { $('#post_dropdown' + this.props.post.id).on('shown.bs.dropdown', () => this.props.handleDropdownOpened(true)); $('#post_dropdown' + this.props.post.id).on('hidden.bs.dropdown', () => this.props.handleDropdownOpened(false)); @@ -45,9 +51,9 @@ export default class PostInfo extends React.Component { createDropdown() { var post = this.props.post; - var isOwner = this.props.currentUser.id === post.user_id; - var isAdmin = TeamStore.isTeamAdminForCurrentTeam() || UserStore.isSystemAdminForCurrentUser(); - const isSystemMessage = post.type && post.type.startsWith(Constants.SYSTEM_MESSAGE_PREFIX); + + this.canDelete = PostUtils.canDeletePost(post); + this.canEdit = PostUtils.canEditPost(post, this.editDisableAction); if (post.state === Constants.POST_FAILED || post.state === Constants.POST_LOADING) { return ''; @@ -139,7 +145,7 @@ export default class PostInfo extends React.Component { ); - if (isOwner || isAdmin) { + if (this.canDelete) { dropdownContents.push(
  • ); - if (isOwner || isAdmin) { + if (this.canDelete) { dropdownContents.push(
  • 0) { type = 'Comment'; @@ -189,7 +197,7 @@ export default class RhsRootPost extends React.Component {
    • ); - if (isOwner || isAdmin) { + if (this.canDelete) { dropdownContents.push(
  • Invite New Member to invite new users by email, or the Get Team Invite Link options from the Main Menu. If Get Team Invite Link is used to share a link, you can expire the invite code from Team Settings > Invite Code after the desired users join the team.", "admin.general.policy.teamInviteTitle": "Enable sending team invites from:", + "admin.general.policy.permissionsDeletePostAll": "Message authors can delete their own messages, and Administrators can delete any message", + "admin.general.policy.permissionsDeletePostAdmin": "Team Admins and System Admins", + "admin.general.policy.permissionsDeletePostSystemAdmin": "System Admins", + "admin.general.policy.restrictPostDeleteTitle": "Allow which users to delete messages:", + "admin.general.policy.restrictPostDeleteDescription": "Set policy on who has permission to delete messages.", + "admin.general.policy.allowEditPostTitle": "Allow users to edit their messages:", + "admin.general.policy.allowEditPostDescription": "Set policy on the length of time authors have to edit their messages after posting.", + "admin.general.policy.allowEditPostAlways": "Any time", + "admin.general.policy.allowEditPostNever": "Never", + "admin.general.policy.allowEditPostTimeLimit": "seconds after posting", "admin.general.privacy": "Privacy", "admin.general.usersAndTeams": "Users and Teams", "admin.gitab.clientSecretDescription": "Obtain this value via the instructions above for logging into GitLab.", diff --git a/webapp/stores/user_store.jsx b/webapp/stores/user_store.jsx index 2369c38df..fb1e36590 100644 --- a/webapp/stores/user_store.jsx +++ b/webapp/stores/user_store.jsx @@ -576,7 +576,7 @@ class UserStoreClass extends EventEmitter { var current = this.getCurrentUser(); if (current) { - return Utils.isAdmin(current.roles); + return Utils.isSystemAdmin(current.roles); } return false; diff --git a/webapp/utils/constants.jsx b/webapp/utils/constants.jsx index c8ac74a82..6377f27f2 100644 --- a/webapp/utils/constants.jsx +++ b/webapp/utils/constants.jsx @@ -860,6 +860,13 @@ export const Constants = { PERMISSIONS_ALL: 'all', PERMISSIONS_TEAM_ADMIN: 'team_admin', PERMISSIONS_SYSTEM_ADMIN: 'system_admin', + PERMISSIONS_DELETE_POST_ALL: 'all', + PERMISSIONS_DELETE_POST_TEAM_ADMIN: 'team_admin', + PERMISSIONS_DELETE_POST_SYSTEM_ADMIN: 'system_admin', + ALLOW_EDIT_POST_ALWAYS: 'always', + ALLOW_EDIT_POST_NEVER: 'never', + ALLOW_EDIT_POST_TIME_LIMIT: 'time_limit', + DEFAULT_POST_EDIT_TIME_LIMIT: 300, MENTION_CHANNELS: 'mention.channels', MENTION_MORE_CHANNELS: 'mention.morechannels', MENTION_MEMBERS: 'mention.members', diff --git a/webapp/utils/post_utils.jsx b/webapp/utils/post_utils.jsx index 88021c2a5..20993b95c 100644 --- a/webapp/utils/post_utils.jsx +++ b/webapp/utils/post_utils.jsx @@ -3,11 +3,19 @@ import Client from 'client/web_client.jsx'; import Constants from 'utils/constants.jsx'; +import * as Utils from 'utils/utils.jsx'; + +import TeamStore from 'stores/team_store.jsx'; +import UserStore from 'stores/user_store.jsx'; export function isSystemMessage(post) { return post.type && (post.type.lastIndexOf(Constants.SYSTEM_MESSAGE_PREFIX) === 0); } +export function isPostOwner(post) { + return UserStore.getCurrentId() === post.user_id; +} + export function isComment(post) { if ('root_id' in post) { return post.root_id !== '' && post.root_id != null; @@ -33,3 +41,36 @@ export function getProfilePicSrcForPost(post, timestamp) { return src; } + +export function canDeletePost(post) { + var isOwner = isPostOwner(post); + var isAdmin = TeamStore.isTeamAdminForCurrentTeam() || UserStore.isSystemAdminForCurrentUser(); + var isSystemAdmin = UserStore.isSystemAdminForCurrentUser(); + + if (global.window.mm_license.IsLicensed === 'true') { + return (global.window.mm_config.RestrictPostDelete === Constants.PERMISSIONS_DELETE_POST_ALL && (isOwner || isAdmin)) || + (global.window.mm_config.RestrictPostDelete === Constants.PERMISSIONS_DELETE_POST_TEAM_ADMIN && isAdmin) || + (global.window.mm_config.RestrictPostDelete === Constants.PERMISSIONS_DELETE_POST_SYSTEM_ADMIN && isSystemAdmin); + } + return isOwner || isAdmin; +} + +export function canEditPost(post, editDisableAction) { + var isOwner = isPostOwner(post); + + var canEdit = isOwner && !isSystemMessage(post); + + if (canEdit && global.window.mm_license.IsLicensed === 'true') { + if (global.window.mm_config.AllowEditPost === Constants.ALLOW_EDIT_POST_NEVER) { + canEdit = false; + } else if (global.window.mm_config.AllowEditPost === Constants.ALLOW_EDIT_POST_TIME_LIMIT) { + var timeLeft = (post.create_at + (global.window.mm_config.PostEditTimeLimit * 1000)) - Utils.getTimestamp(); + if (timeLeft > 0) { + editDisableAction.fireAfter(timeLeft + 1000); + } else { + canEdit = false; + } + } + } + return canEdit; +} \ No newline at end of file -- cgit v1.2.3-1-g7c22